Virtually all organizations (e.g., government agencies, healthcare institutions, financial institutions, retailers, social networking service providers, employers, etc.) collect and maintain personal data. In certain heavily regulated industries, such as banking and insurance, organizations are required to establish rigorous “know your customer” processes to verify customer identities. These processes are important in preventing identity theft, financial fraud, money laundering, and terrorist financing.
Such troves of personal data are frequently misused for financial, political, or other reasons. To protect privacy of their citizens, many governments have adopted regulations that limit how organizations may handle personal data.